This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/JTgQHQXGwmHC4oP-GDAD2vLC4nU.roa File: JTgQHQXGwmHC4oP-GDAD2vLC4nU.roa (raw, json) Hash identifier: yJJDXekwegjFnbX/lz8JwsWlV3ic5fv5wLHyl9CXJE0= Subject key identifier: 25:38:10:1D:05:C6:C2:61:C2:E2:83:FE:18:30:03:DA:F2:C2:E2:75 Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98 Certificate serial: 019C1AEDB05CB0AC5013DF0A27B4A9C1CE70 Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/JTgQHQXGwmHC4oP-GDAD2vLC4nU.roa Signing time: Sun 01 Feb 2026 20:38:30 +0000 ROA not before: Sun 01 Feb 2026 20:38:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 133153 IP address blocks: 31.42.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.mft rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 04 Feb 2026 19:43:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1a:ed:b0:5c:b0:ac:50:13:df:0a:27:b4:a9:c1:ce:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98 Validity Not Before: Feb 1 20:38:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2538101d05c6c261c2e283fe183003daf2c2e275 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:83:cf:43:c9:bf:d9:db:29:59:53:29:18:e7: 2d:23:7e:c4:cd:3d:80:70:b1:c2:b0:84:60:66:c6: 13:db:89:4d:bb:06:07:bc:23:6f:8e:33:f7:70:60: 2f:ec:ce:87:59:a7:6a:80:7f:d9:5f:76:5c:a1:40: a0:af:b6:88:ec:d2:ed:a2:fd:38:fb:96:03:40:67: 63:87:66:90:f0:1c:5a:b6:9f:9f:3d:eb:8d:c2:5b: 87:eb:07:e1:64:d9:56:26:15:bc:2e:0a:f0:6f:2f: 25:88:78:c7:12:93:1e:01:b8:cf:91:27:36:d8:37: a7:86:1f:5b:00:52:d7:2c:ca:5d:86:38:9a:c6:bf: 07:fb:c2:86:1a:5e:ed:21:1c:95:56:6c:b5:76:48: 74:d5:95:f7:1b:2d:be:ed:f0:cd:99:c3:b4:b6:5d: 80:01:41:a3:0f:9c:a1:3b:fa:4c:d2:24:20:56:a7: ee:2b:0d:89:81:39:32:94:c1:f2:88:3b:29:8d:a0: 30:02:e6:35:8e:0b:c6:a8:01:68:c6:b2:6a:6a:9d: 76:fc:f4:77:45:a8:6f:c8:47:08:66:3c:35:16:f6: 88:77:92:7d:c2:34:88:f6:fa:f3:c7:96:d0:63:35: a1:71:67:1e:ad:01:16:37:b8:8c:c2:31:fb:f7:af: cd:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:38:10:1D:05:C6:C2:61:C2:E2:83:FE:18:30:03:DA:F2:C2:E2:75 X509v3 Authority Key Identifier: keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/JTgQHQXGwmHC4oP-GDAD2vLC4nU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.42.120.0/24 Signature Algorithm: sha256WithRSAEncryption cc:41:64:85:5f:35:c5:b7:dd:31:d4:10:5b:28:46:3f:43:90: c3:e2:4a:c4:55:25:e8:07:09:8c:b8:9e:a3:c5:5f:c9:3e:ce: 03:1c:21:7a:c0:b9:19:df:69:6c:1c:53:dd:fe:a9:60:97:fc: b5:39:bb:58:aa:3f:2f:16:43:bd:b2:18:5f:46:82:12:8f:59: b1:92:5b:5a:07:b1:3b:48:38:9d:c6:bd:7f:f2:4a:80:4b:85: 99:9f:b4:a0:30:57:4b:ed:14:8d:f2:18:1e:f5:b7:0e:a1:d0: 63:cc:a8:04:ac:0a:99:92:2d:4d:f1:60:09:fb:be:a2:b7:b6: b4:22:ce:f1:11:77:f7:3a:f9:70:b0:2d:27:98:de:b0:74:f0: 75:cf:c3:5b:74:23:99:f8:b0:b7:1c:b0:27:06:30:28:c8:a8: 6e:8b:67:79:9d:a5:01:1d:4d:fe:7b:ea:68:37:a2:73:3d:54: 0e:62:08:7d:d5:79:4b:53:d9:b4:db:3b:cb:88:e1:f5:b9:1e: 44:d5:27:fc:2a:88:d9:50:1c:9d:c4:88:68:ac:65:35:1f:86: 48:96:5f:b4:1c:f8:21:07:17:4b:d8:1b:94:a0:77:de:60:5e: f1:fb:4a:aa:a4:a9:a6:04:14:80:b2:0a:f1:2b:fa:fb:93:45: 92:3a:d5:8c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZwa7bBcsKxQE98KJ7Spwc5wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1 ZTNmOTgwHhcNMjYwMjAxMjAzODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTM4MTAxZDA1YzZjMjYxYzJlMjgzZmUxODMwMDNkYWYyYzJlMjc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IPPQ8m/2dspWVMpGOctI37EzT2A cLHCsIRgZsYT24lNuwYHvCNvjjP3cGAv7M6HWadqgH/ZX3ZcoUCgr7aI7NLtov04 +5YDQGdjh2aQ8Bxatp+fPeuNwluH6wfhZNlWJhW8Lgrwby8liHjHEpMeAbjPkSc2 2Denhh9bAFLXLMpdhjiaxr8H+8KGGl7tIRyVVmy1dkh01ZX3Gy2+7fDNmcO0tl2A AUGjD5yhO/pM0iQgVqfuKw2JgTkylMHyiDspjaAwAuY1jgvGqAFoxrJqap12/PR3 RahvyEcIZjw1FvaId5J9wjSI9vrzx5bQYzWhcWcerQEWN7iMwjH796/NfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCU4EB0FxsJhwuKD/hgwA9rywuJ1MB8GA1UdIwQY MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt OWNkNjYyYmM4MzIwLzEvSlRnUUhRWEd3bUhDNG9QLUdEQUQydkxDNG5VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyp4MA0G CSqGSIb3DQEBCwUAA4IBAQDMQWSFXzXFt90x1BBbKEY/Q5DD4krEVSXoBwmMuJ6j xV/JPs4DHCF6wLkZ32lsHFPd/qlgl/y1ObtYqj8vFkO9shhfRoISj1mxkltaB7E7 SDidxr1/8kqAS4WZn7SgMFdL7RSN8hge9bcOodBjzKgErAqZki1N8WAJ+76it7a0 Is7xEXf3OvlwsC0nmN6wdPB1z8NbdCOZ+LC3HLAnBjAoyKhui2d5naUBHU3+e+po N6JzPVQOYgh91XlLU9m02zvLiOH1uR5E1Sf8KojZUBydxIhorGU1H4ZIll+0HPgh BxdL2BuUoHfeYF7x+0qqpKmmBBSAsgrxK/r7k0WSOtWM -----END CERTIFICATE-----Generated at Wed Feb 4 03:44:40 2026 by rpki-client